Wary why? I work remotely in IT and manage a ton of Linux systems with it. Because my company has a large number of remote employees they limit us to Windows or Macs only, and have pretty robust MDM, security, etc. installed on them. Since MacOS is built on top of a unix kernel it’s much more intuitive to manage other unix & linux systems with it.

Personally I haven’t used Windows really since before Windows 10 came out, and as the family tech support department I managed to switch my wife, parents, brother, and mother in-law all to Mac’s years ago as well.

Reminds me of the movie The Final Countdown…

DigiCert recently was forced to invalidate something like 50,000 of their DNS-challenge based certs because of a bug in their system, and they gave companies like mine only 24 hours to renew them before invalidating the old ones…

My employer had an EV cert for years on our primary domain. The C-suites, etc. thought it was important. Then one of our engineers who focuses on SEO demonstrated how the EV cert slowed down page loads enough that search engines like Google might take notice. Apparently EV certs trigger an additional lookup by the browser to confirm the extended validity.

Once the powers-that-be understood that the EV cert wasn’t offering any additional usefulness, and might be impacting our SEO performance (however small) they had us get rid of it and use a good old OV cert instead.

Back in the 90’s before the days of Windows 3.0 I had to debug a memory manager written by a brilliant but somewhat odd guy. Among other thing I stumbled across:

• A temporary variable called “handy” because it was useful in a number of situations.
• Another one called son_of_handy, used in conjunction with handy.
• Blocks of memory were referred to as cookies.
• Cookies had a flag called shit_cookie_corrupt that would get set if the block of memory was suspected of being corrupt.
• Each time a cookie was found to be corrupt then the function OhShit() was called.
• If too many cookies were corrupt then the function OhShitOhShitOhShit() was called, which would terminate everything.

If you have ssh open to the world then it’s better to disable root logins entirely and also disable passwords, relying on ssh keys instead.

Port 22 is the default SSH port and it receives a TON of malicious traffic any time it’s open to the whole internet. 20 years ago I saw a newly installed server with a weak root password get infected by an IP address in China less than an hour after being connected to the open internet.

With all the bots out there these days it would probably take a lot less time if we ran the same experiment again.

I just had a flashback to the bunny/cop in the movie Free Guy.

Back in the late 90’s I worked for an internet search company, long before Google was a thing. We would regularly physically drive a dozen SCSI drives from a RAID array between two datacenters about 20 miles apart.

Next you’ll be telling me it’s a chemtrail generator.

I don’t understand why Cloudflare gets bashed so much over this… EVERY CDN out there does exactly the same thing. It’s how CDN’s work. Whether it’s Akamai, AWS, Google Cloud CDN, Fastly, Microsoft Azure CDN, or some other provider, they all do the same thing. In order to operate properly they need access to unencrypted content so that they can determine how to cache it properly and serve it from those caches instead of always going back to your origin server.

My employer uses both Akamai and AWS, and we’re well aware of this fact and what it means.

That would surprise me. Companies like Akamai maintain very up-to-date lists of Tor exit nodes, commercial VPN exit nodes, etc. My employer uses Akamai and blocks all traffic from Tor given the huge volume of malicious traffic coming from it. It would be trivial for us to block VPN traffic as well if we wanted to. Those blocks occur on Akamai’s systems before it ever makes it to ours. No browser-based tool is going to get around an IP based block like that.

No idea if Reddit is doing something similar here, but my guess is they are.

We use Akamai where I work for security, CDN, etc. Their services make it largely trivial to identify traffic from bots. They can classify requests in real time as coming from known bots like Googlebot to programming frameworks like python & java to bots that impersonate Googlebot, to virtually any other automated traffic from unknown bots.

If Reddit was smart they’d leverage something like that to allow Google, Bing, etc. to crawl their data and block all others, or poison others with bogus data. But we’re talking about Reddit here…

It was pure c code that was used to print reports, and included the date in a header. Whoever wrote it miscalculated the size of the buffer for the header by one byte. When the date was the longest month & day spelled out plus a two digit day of the month then it would overflow the buffer, resulting in the program crashing.

Decades ago I had to debug a random crash. It only happened on Wednesdays. On Wednesdays in September. On Wednesdays in September after the 10th…

I use .home for my home network…

Spez will charge $2. Because, in the immortal words of Shel Silverstein, “two is more than one”.

It’s been roughly 20 years now but my employer at the time had a number of servers that started having odd drive failures at similar times. Long story short we eventually discovered that it was the power supplies that were starting to fail.

These servers had something like 6 hard drives in them, and while troubleshooting we started seeing a pattern where any 5 would work, but as soon as the 6th was reconnected then drives would randomly fail. We eventually replaced the power supply and all 6 drives were happy again.

So you have to completely reinstall Windows if you want to get rid of the GUI on an existing system?

On Linux just edit a file & reboot…

You haven’t “flown” recently, have you?